invenio conquer-password-mgmt
DESCRIPTION
Solve the password management headaches - finally. Three tools are covered - Meldium, iCloud Keychain and KeePass/KyPass.TRANSCRIPT
1
Conquering The PasswordHeadache…
Invenio Advisors, LLCDon Tomoff, CPA, MBA
December 2013
2Invenio Advisors, LLC – Don Tomoff
Disclaimer
Password management is a broad concept and there are a variety of ways to handle passwords and maintain security.
Outlined in this presentation is only oneapproach that I use - and recommend - to meet the password management objectives outlined.
3Invenio Advisors, LLC – Don Tomoff
Password Problem?
Check out video – does this sound familiar?
TAP Image
to Play
4Invenio Advisors, LLC – Don Tomoff
Password Problem?
Interesting statistics…
Source: https://lastpass.com
5Invenio Advisors, LLC – Don Tomoff
Problem Hypothesis
Individuals have a difficult time creating and managing complex,
secure passwords
6Invenio Advisors, LLC – Don Tomoff
Fast Company Article
“Feeling Insecure? Because Your Passwords Are” November 12, 2013
• “Adobe announced hackers had nabbed the account information of 2.9 million customers…then adjusted it to 38 million…”
• “…turns out that people are often loonily lackadasical with their passwords.”
• “Additionally, some Adobe users had the gumption to use sensitive information as their password or hint.” (e.g., social security number)
7Invenio Advisors, LLC – Don Tomoff
Fast Company Article
“The 10 Biggest Password Mistakes People Make” November 27, 2013
• “Using any of the following terms is like locking your bank vault with masking tape and good intentions ...”
• #7 –“LetMeIn… Even sticking a "please" on the end would make it at least somewhat hard, just from the act of adding more letters.”
• #5 - “Swear Words…Unfortunately, by doing this, you're choosing the first words that are going to pop into someone's head as soon as they get pissed off that they can't figure out your password.”
• #1 – “Password” – “It's one step above just leaving your computer sitting unattended on a busy city sidewalk.”
8Invenio Advisors, LLC – Don Tomoff
Secure
NOT Secure
Convenient NOT Convenient
This is the password conundrum...
9Invenio Advisors, LLC – Don Tomoff
Secure
NOT Secure
Convenient NOT Convenient
Current state may look like this...
10Invenio Advisors, LLC – Don Tomoff
Secure
NOT Secure
Convenient NOT Convenient
Challenge is to do this ..
11Invenio Advisors, LLC – Don Tomoff
Password ManagementIncreasing Security and Reducing Your Headaches
iCloud Keychain
KeePass/KyPass
12Invenio Advisors, LLC – Don Tomoff
Password Management Objectives
Manage and access from any platform or device ("anytime, anywhere")
Increase password complexity (character mix, length, and no repeating passwords)
Eliminate the need to remember or manually key your password
13Invenio Advisors, LLC – Don Tomoff
One Example - Dropbox
Password (ok, not really!)
L&@"2&!b,8s)0Zm,D^Vvl,uKI
What’s the point?
14Invenio Advisors, LLC – Don Tomoff
Password Tools
iCloud Keychain
Meldium
Password "Safe“ (many options, here’s two)
KeePass/KyPass
LastPass
15Invenio Advisors, LLC – Don Tomoff
Three Tools - Coverage
Tool Mobile / PC CommentsiCloud Keychain Mobile Just memorizes and works
– not all passwords (no user interaction)
Meldium PC Use at your desk (browser). “One-click” access to only cloud services.
Password Safe(KeePass/KyPass)• Also, LastPass &
1Password
Mobile/PC Everything – requires user interaction (however, enables no memory or re-keying efforts)
16Invenio Advisors, LLC – Don Tomoff
Three Tools - Coverage
Amount of Effort?Tool Mobile / PC Keep a List Tool
iCloud Keychain
Mobile Access, lookup,
manually enter
None
Meldium PC Access, lookup,
manually enter
One-click
Password Safe (KeePass / KyPass)
Mobile/PC Access, lookup,
manually enter
Access, lookup, copy-
paste
19Invenio Advisors, LLC – Don Tomoff
Passwords Across Devices
MeldiumKeePass
iCloud KeyChainKyPass
iCloud KeyChainKyPass
20Invenio Advisors, LLC – Don Tomoff
iCloud Keychain
iCloud Keychain stores your usernames, passwords, Wi-Fi networks, and credit card information so that you can easily fill in forms or logins whenever you need.
This will sync across Safari and with third party apps that support iCloud Keychain. Your information is securely protected using 256-bit AES encryption.
iCloud Keychain also includes a powerful password generator.
21Invenio Advisors, LLC – Don Tomoff
Intro to iCloud Keychain
22Invenio Advisors, LLC – Don Tomoff
iCloud Keychain Resources
iCloud – FAQ (Apple Support site)
Apple’s iCloud Keychain: It Works, but with Frustrating Limitations
How to access and view your iCloud KeyChain passwords with iOS7
iCloud Keychain: Everything You need to know and How to set it up
How to use iCloud KeyChain
How to add credit card information to iCloud KeyChain
23Invenio Advisors, LLC – Don Tomoff
MeldiumMore than just another password manager. It automatically logs you in to your favorite apps and web sites without typing usernames and passwords. You get instant access with extensions for Chrome and Firefox.
Enables your team to share access to apps without sharing passwords. Protect your company from phishing attacks and use strong passwords on all your services.
When you sign in with Google, Meldium automatically extends its secure two-factor authentication (2FA) to all your apps.
24Invenio Advisors, LLC – Don Tomoff
Meldium Dashboard
25Invenio Advisors, LLC – Don Tomoff
Meldium Pricing
26Invenio Advisors, LLC – Don Tomoff
Meldium Resources
Home page – www.meldium.com
Meldium blog page
Ditch the Spreadsheet. Meldium Controls Your Team’s Shared App Passwords For You
Meldium – Instant Access to Apps
27Invenio Advisors, LLC – Don Tomoff
KeePass & KyPass
Password "safe" - Windows PC software and compatible app for mobile devices
"A secure, lengthy, completely random password goes a long way towards improving your security–and having a separate password for each and every website and service you use is the single most important thing you can do to keep secure."
KeePass/KyPass
28Invenio Advisors, LLC – Don Tomoff
KeePass – Master Signon
29Invenio Advisors, LLC – Don Tomoff
KeePass – Desktop View
30Invenio Advisors, LLC – Don Tomoff
KyPass - iPad
31Invenio Advisors, LLC – Don Tomoff
KyPass - iPad
32Invenio Advisors, LLC – Don Tomoff
KyPass - iPhone
33Invenio Advisors, LLC – Don Tomoff
LastPass –Browser based password safe
TAP Image
to Access
34Invenio Advisors, LLC – Don Tomoff
Password Safe Resources
KeePass Password Safe – info home page
Keepass: free and open-source password manager
Review: KeePass makes strong passwords and keeps them safe
Review: LastPass takes your passwords to the cloud
1Password vs Lastpass vs KeePass (vs…..a bunch others)
1. Lists pros and cons of various password manager alternatives –accumulated from Reddit.com posts
2. Definitely worth a review if you are unsure about what password safe you want to use.
35Invenio Advisors, LLC – Don Tomoff
Contact Invenio Advisors
Don Tomoff, CPA, [email protected]
LinkedIn ProfileFind Don on the Web
Download Business Card